(apologies if this goes through multiple times, it’s been almost 24 hrs and I haven’t seen my original post)
First of all, I love the new cookie-based sessions. Thanks bitsweat. I just have an architectural question / suggestion.
The CookieStore takes great care to provide integrity of session data, but we seem to have lost confidentiality in the process. The server-side storage methods had the implicit advantage of keeping the session data secret, but I don’t know if this was intentional or just an unintended consequence.
Would anyone see a disadvantage to symmetrically encrypting the cookie data rather than signing it with an HMAC?
As far as I can think, this would retain all of the benefits of the current arrangement while obscuring the session data from a potentially untrusted client. (Not that untrusted-client is the normal way of things, but I tend to think fail-secure.) I don’t think we need the full authenticity that an HMAC provides, since we’re not trying to prove session authenticity to anyone other than the server that generated the session.
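To make the trade-off in the question concrete, here is an added example (not code from the original post, from Rails, or from the CookieStore itself). It builds three toy session cookies: a sign-only cookie in the general shape of the CookieStore's `base64(payload)--hmac` format (with a plain string standing in for the Marshal'd session), an encrypt-only cookie using AES-256-CBC, and an encrypt-then-MAC cookie. The first is readable by anyone holding the cookie; the second is confidential but malleable, since in CBC mode flipping a byte of the IV flips the same byte of the first plaintext block, so a client can rewrite `user_id=42` to `user_id=12` without the key; the third rejects that edit. The keys, the `user_id=42&role=user` payload, the function names and the `iv || ciphertext || tag` layout are all constructed for this demo and are assumptions, not the project's API.

```ruby
require 'openssl'
require 'base64'
require 'securerandom'

# Constructed demo keys. A real app would load these from configuration; they
# are generated per process here only so the example runs stand-alone.
SIGN_KEY = SecureRandom.random_bytes(32)
ENC_KEY  = SecureRandom.random_bytes(32)   # AES-256 key
MAC_KEY  = SecureRandom.random_bytes(32)   # separate key for the HMAC
SESSION  = 'user_id=42&role=user'          # constructed sample session payload

# Constant-time comparison so the MAC check does not leak via timing.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# --- 1. Sign-only, modeled on the base64(payload)--hmac cookie shape ---
def sign_cookie(data, key = SIGN_KEY)
  payload = Base64.strict_encode64(data)
  "#{payload}--#{OpenSSL::HMAC.hexdigest('SHA1', key, payload)}"
end

def verify_cookie(cookie, key = SIGN_KEY)
  payload, mac = cookie.split('--', 2)
  return nil unless payload && mac
  return nil unless secure_compare(OpenSSL::HMAC.hexdigest('SHA1', key, payload), mac)
  Base64.strict_decode64(payload)
end

# What the browser (or anyone who sees the cookie) can read without any key.
def client_reads(cookie)
  Base64.strict_decode64(cookie.split('--', 2).first)
end

# --- 2. Encrypt-only (AES-256-CBC, no MAC): confidential but malleable ---
def encrypt_only(data, key = ENC_KEY)
  cipher = OpenSSL::Cipher.new('aes-256-cbc').encrypt
  cipher.key = key
  iv = cipher.random_iv
  iv + cipher.update(data) + cipher.final      # layout: iv || ciphertext
end

def decrypt_only(blob, key = ENC_KEY)
  cipher = OpenSSL::Cipher.new('aes-256-cbc').decrypt
  cipher.key = key
  cipher.iv = blob[0, 16]
  (cipher.update(blob[16..-1]) + cipher.final).force_encoding('UTF-8')
end

# Attacker's edit: XORing byte i of the IV XORs byte i of the first plaintext
# block, because in CBC the first block decrypts as D(C1) XOR IV.
def flip_byte(blob, index, delta)
  bytes = blob.bytes
  bytes[index] ^= delta
  bytes.pack('C*')
end

# --- 3. Encrypt-then-MAC: confidential AND integrity-protected ---
def seal_cookie(data, enc_key = ENC_KEY, mac_key = MAC_KEY)
  blob = encrypt_only(data, enc_key)
  Base64.strict_encode64(blob + OpenSSL::HMAC.digest('SHA256', mac_key, blob))
end

def open_cookie(cookie, enc_key = ENC_KEY, mac_key = MAC_KEY)
  raw = Base64.strict_decode64(cookie)
  return nil if raw.bytesize < 16 + 32          # at least iv + tag
  blob, tag = raw[0...-32], raw[-32..-1]
  return nil unless secure_compare(OpenSSL::HMAC.digest('SHA256', mac_key, blob), tag)
  decrypt_only(blob, enc_key)                   # only decrypt after the MAC passes
rescue ArgumentError, OpenSSL::Cipher::CipherError
  nil
end

if __FILE__ == $0
  signed = sign_cookie(SESSION)
  puts "sign-only, read by client with no key: #{client_reads(signed)}"
  blob = encrypt_only(SESSION)
  puts "encrypt-only, after IV byte flip:      #{decrypt_only(flip_byte(blob, 8, '4'.ord ^ '1'.ord))}"
  sealed = seal_cookie(SESSION)
  tampered = Base64.strict_encode64(flip_byte(Base64.strict_decode64(sealed), 8, '4'.ord ^ '1'.ord))
  puts "encrypt-then-MAC, same flip:           #{open_cookie(tampered).inspect}"
end
```

The sign-only cookie answers the "lost confidentiality" observation: the payload is plain Base64 and needs no key to read. The encrypt-only cookie shows why dropping the HMAC is not free: CBC decryption accepts the flipped IV and hands the application an altered session. Keeping both (encrypt, then MAC over IV and ciphertext, and verify before decrypting) gives the secrecy the post asks for without giving up the integrity the current store already has.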